The background description includes information that may be useful in understanding the present invention. It is not an admission that any of the information provided herein is prior art or relevant to the presently claimed invention, or that any publication specifically or implicitly referenced is prior art.
All publications herein are incorporated by reference to the same extent as if each individual publication or patent application were specifically and individually indicated to be incorporated by reference. Where a definition or use of a term in an incorporated reference is inconsistent or contrary to the definition of that term provided herein, the definition of that term provided herein applies and the definition of that term in the reference does not apply.
Many publicly accessible computer systems are victims of malicious cyber-attacks. For example, some malicious users attack computer systems in order to steal confidential data or to bring down a server. Preventing malicious data attacks from causing harm to a server is of paramount importance for companies that depend upon providing secure services to their user base at all times. Primitive security systems provide a proxy in front of a computer server which gathers a list of IP addresses of known malicious systems. The proxy will then prevent transmissions from known malicious IP addresses from being transmitted to the protected computer server. Such systems, however, fail to protect computer servers from unknown malicious systems having unknown IP addresses.
U.S. Pat. No. 8,938,491 to Colton teaches a system that dynamically alters the proxy code of client-side JavaScript code at a predetermined time to generate altered proxy codes. The altered proxy codes do not convey the meaning of the function or service so that someone who knows the JavaScript code at one point of time cannot access the same JavaScript code at another point of time. Colton's system, however, always uses the same JavaScript functions for each iteration. An attacker who spoofs an entire function could apply that function at a later time period, even if the server generates a new altered proxy code.
U.S. Pat. No. 8,983,061 to Watanabe teaches a system for encrypting data to provide a security layer between two computer systems. Watanabe's system will choose an encryption algorithm, key, and/or parameter based upon a hash value of a predetermined portion of the data segment. Watanabe's system, however, requires a portion of the data to be transmitted without encryption, which is then hashed to inform the recipient of the encryption algorithm, key, and/or parameter. Watanabe's system also requires both systems to have software code that can generate the hash value to determine which encryption algorithm is chosen. A malicious entity having access to one of the systems could easily spoof that system.
US2014298013 to Marchant teaches a system that uses a public code and a pin to dynamically select portions of data to encrypt and the type of encryption algorithm to use. Marchant's system predictably cycles through a number of bytes to be encrypted/decrypted and the type of encryption algorithm to use based upon the public code and the pin. Marchant's system, however, requires the client system to have code that cycles through the types of encryption algorithms chosen using a pin. A malicious entity having access to the client system could easily spoof the client system.
U.S. Pat. No. 9,106,693 to Quinlan teaches a system that uniquely identifies a device through a fingerprinting technique. Quinlan's fingerprinting technique analyzes characteristics associated with the remote device and compares the fingerprint to the fingerprints of known attackers. Quinlan's system will then selectively manage traffic based upon the determined similarity between the fingerprint of the new device and the fingerprints of known attackers. Quinlan's system, however, can be easily overcome by an attacker that submits false fingerprint data.
US 2015/0188926 to Horn teaches a system that stores reputations of subjects (e.g. person, software) that request access to a controlled resource. Horn's system determines whether the subject is a known security risk, and modifies the reputation of the subject in the case that the security risk meets a threshold. Horn's system, however, administers predictable, predetermined tests to determine whether the subject is a known security risk, which can be easily overcome by an attacker that analyzes Horn's system for a short period of time.
Thus, there remains a need for a system and method that prevents attackers from harming a known system.